
package com.zpz.framework.zpzoauth.config.oauth.authorization;

import com.zpz.framework.zpzoauth.common.utils.ZpzOauthFilterIgnorePropertiesConfig;
import com.zpz.framework.zpzoauth.common.encrypt.ZpzOauthSaltUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.util.Objects;

/**
 * @author zhangpanzhi
 * @time 2019-07-09
 * @description 未经本人允许请勿随便改动，尊重劳动
 * */
@Configuration
@EnableWebSecurity
public class ZpzOauthSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    @Autowired
    private ZpzOauthFilterIgnorePropertiesConfig zpzOauthFilterIgnorePropertiesConfig;
    private Logger log = LoggerFactory.getLogger(this.getClass());
    /** 网关域名地址前缀 */

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        AuthenticationManager manager = super.authenticationManagerBean();
        return manager;
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new PasswordEncoder() {
            @Override
            public String encode(CharSequence charSequence) {
                String rawPassword = charSequence.toString();
                log.info("*************网关：encode：明文密码：："+rawPassword);
                String pwd = ZpzOauthSaltUtil.getPwd(rawPassword);
                log.info("***********授权中心：：：PasswordEncoder：：："+pwd);
                return pwd;
            }
            /**
             * 前端传递的密码/client_secret charSequence
             * */
            @Override
            public boolean matches(CharSequence charSequence, String s) {
                String rawPassword = charSequence.toString().trim();
                log.info("*************网关：matches：明文密码：："+rawPassword);
                String pwd = ZpzOauthSaltUtil.getPwd(rawPassword);
                log.info("***********授权中心：：：matches：：："+pwd);
                boolean flag=Objects.equals(pwd, s);
                log.info("***********授权中心：：：matches：：结果："+flag);
                return flag;
            }
        };
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry =
                http.formLogin().loginPage("/authentication/loginPage")
                        .loginProcessingUrl("/authentication/login")
                        .and()
                        .authorizeRequests();
        zpzOauthFilterIgnorePropertiesConfig.getUrls().forEach(url -> registry.antMatchers(url).permitAll());
        registry.anyRequest().authenticated()
                .and()
                .csrf().disable();
    }
}
